NSW vote counting code could be released after bug discovery

The NSW Electoral Commission says it is considering a suggestion that it release the source code of its vote-counting software following the discovery of bug by a group of researchers.

Researchers from the University of Melbourne and ANU say the software error caused a mistake in the count in a 2012 council election in Griffith.

Candidate Rina Mercuri, running for the first time in the south-western NSW town, narrowly missed out on a seat.

“We believe the software error incorrectly decreased Mercuri’s winning probability to about 10%,” two of the researchers, Vanessa Teague and Andrew Conway, wrote in a blog post. “According to our count she should have won with 91% probability.”

NSW’s acting electoral commissioner, Linda Franklin, said in a statement that the error in the software had now been “corrected and tested”.

After reviewing the research paper, the commission contacted all the candidates in the count and apologised for the error. Candidates will not be able to appeal as the deadline for challenges was three months after the election.

“It is important to understand that even if the error had not occurred, the unsuccessful candidate may still not have been elected due to the effect of randomisation,” the commission noted.

The randomisation referred to relates to the process of selecting surplus ballot papers and distributing them to remaining candidates when counting votes.

The researchers were able to find the error after code fragments and algorithms were published by the Commission.

“If full source code was available there would be even more opportunity to examine the system to find mistakes before, rather than after, the election,” wrote Teague and Conway. “It would be good for democracy, and good for the Electoral Commissions, to make election-related source code public before an election,” the pair wrote.

Both sets of code were publicly released and rectified ahead of elections. A joint study between the University of Melbourne and the University of Michigan also found security failures and verification flaws in NSW's online iVote system.

“Our research supports the conclusion of similar studies in Australia and overseas: certified code may contain undetected software errors that impact election results,” Teague and Conway wrote.

That claim is “weak” given “it took us three person-days of work to write a similar program,” wrote Teague and Conway in their article. “Of course testing takes a long time - but many interested members of the public would do this for free if they could.

“It could only help the AEC to allow the public to identify errors and resolve ambiguities before the election, rather than leaving it until afterwards.”

The paper also criticises the role of randomisation in distributing candidate preferences and called for its removal from the election process altogether.

The NSW Electoral Commission responded on the same day of the paper's publication that it was “committed to maintaining and improving the integrity and public trust in the electoral process in NSW”.

“The NSW public can be confident that the electronic count system used for elections is a vast improvement from manual counts and has drastically reduced the risk of counting errors and waiting times for election results,” said Franklin.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.